Electronic safes are storage spaces, with secure access, for electronic data. They offer administrations, companies and private individuals a solution for storing, in electronic form, various content, for example pay slips, bank statements, insurance policies, photographs, etc. (see, for example, the website www.e-coffrefort.fr).
Such electronic safes are generally created, and then managed, by means of a server belonging to a trusted third party and accessible from a large number of terminals (computers, mobile telephones, with WAP or Internet connection, etc.) by the users of the electronic safes.
The electronic safe generally comprises electronic directories, called folders. When a company or an administration opens a safe for a user, it provides him with a security module, for example a hardware module (smart card, USB medium provided with a crypto-processor (called in particular a USB “token” or “dongle”), etc.), having means for storing, in particular, access data. When the user wishes to access the electronic safe, the server carries out a step of authenticating the user by means of the security module and a terminal adapted to communicate with the server.
The authentication step generally comprises reading the access data from the security module in order to authenticate the holder and to authorise or refuse access to an electronic safe.
Amongst the folders contained in an electronic safe, one folder is generally dedicated to the storage of personal data of the user: address and telephone number, marital status, and more generally any other personal electronic item or file he wishes to archive securely.
A user may have the benefit of several electronic safes: a safe offered by his employer, another by his bank and/or insurance company, an administration, etc.
Each time an electronic safe is created, the user therefore has a new folder dedicated to his personal data.
For example, a company E1 offers an electronic safe cf1 to one of its employees. The electronic safe is opened in the name of this employee, and the personal details of the employee are recorded in the folder “personal data”.
For accessing this safe, the company has issued the employee with a smart card (or a USB medium provided with a crypto-processor) comprising the logo and name of the company, etc.
Subsequently, the employee is offered a second electronic safe cf2 by another company (his bank or insurance company) or administration E2. This second safe is also opened in the name of the employee.
At that moment, no connection exists between the two safes via the server, which manages them independently of each other. The probability of the existence of a homonym (another person bearing the same name), the confidential nature of the data recorded in these safes (personal data, medical data, pay slips, bank details, etc.), and the risk of fraud preclude the establishment of a link between these two safes on the basis of usual criteria such as name and personal details.
The inventors thus noted a requirement to be able to establish a link between electronic safes allocated to the same user, possibly by means of different companies or administrations, without introducing any breach in keeping the information secure.